https://bugzilla.mindrot.org/show_bug.cgi?id=3802
Bug ID: 3802
Summary: Secure forwardings, check connecting user
Product: Portable OpenSSH
Version: 9.9p2
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-b...@mindrot.org
Reporter: p...@maths.usyd.edu.au

OpenSSH tries to keep port forwardings secure, e.g. via the GatewayPorts setting; -X may be secured with xauth, and forwarding UNIX sockets may be safe. Still, IP forwarding is unsafe on multi-user machines: anyone can connect to -L and -D forwardings when the ssh client machine is multi-user, or to -R forwardings when the sshd server machine is multi-user.

Please secure IP forwardings by checking the connecting user, ensuring same user as that of the ssh client, or the one logged in to sshd.

These checks would be similar to, say, identd:
https://en.wikipedia.org/wiki/Ident_protocol
easy on Linux (via netlink calls or looking in /proc/net/tcp), and probably possible on Windows and MacOS. (I do not know about others.)

If it would help, I may try to provide patches for Linux.

Thanks, Paul

--
Paul Szabo p...@maths.usyd.edu.au www.maths.usyd.edu.au/u/psz
School of Mathematics and Statistics, University of Sydney, Australia
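The /proc/net/tcp lookup the report proposes, as an added example that is not part of the original report or of OpenSSH: it finds the UID owning the connecting end of a forwarded connection and compares it with the forwarding's owner. The table is a constructed sample, and the names `conn_owner_uid` and `forward_peer_allowed` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/net/tcp layout (not captured from a real host).
 * Addresses are the raw s_addr printed as %08X; ports are in host order. */
static const char SAMPLE_TABLE[] =
"  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
"   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 31001 1\n"
"   1: 0100007F:1F90 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 31007 1\n"
"   2: 0100007F:C350 0100007F:1F90 01 00000000:00000000 00:00000000 00000000  1001        0 31006 1\n"
"   3: 0100007F:C351 0100007F:1F90 06 00000000:00000000 00:00000000 00000000     0        0 0 3\n";

/* Return the UID owning the connecting end of an accepted connection, or -1.
 * peer_* is what getpeername() reports on the accepted socket, fwd_* is the
 * forwarding listener's own endpoint (getsockname()). */
long conn_owner_uid(const char *table, uint32_t peer_addr, unsigned peer_port,
                    uint32_t fwd_addr, unsigned fwd_port)
{
    const char *line = strchr(table, '\n');        /* skip the header row */
    while (line != NULL && *++line != '\0') {
        unsigned la, lp, ra, rp, st;
        long uid;
        int n = sscanf(line, " %*d: %8X:%4X %8X:%4X %2X %*X:%*X %*X:%*X %*X %ld",
                       &la, &lp, &ra, &rp, &st, &uid);
        /* Only an ESTABLISHED (01) row whose local side is the peer counts;
         * the mirrored row belongs to the forwarder, TIME_WAIT rows show uid 0. */
        if (n == 6 && st == 0x01 && la == peer_addr && lp == peer_port &&
            ra == fwd_addr && rp == fwd_port)
            return uid;
        line = strchr(line, '\n');
    }
    return -1;
}

/* Accept only when the connecting process runs as the forwarding's owner. */
int forward_peer_allowed(const char *table, uint32_t peer_addr, unsigned peer_port,
                         uint32_t fwd_addr, unsigned fwd_port, long owner_uid)
{
    long uid = conn_owner_uid(table, peer_addr, peer_port, fwd_addr, fwd_port);
    return uid >= 0 && uid == owner_uid;           /* unknown owner: refuse */
}

int main(void)
{
    /* Peer 127.0.0.1:50000 connecting to a forwarding on 127.0.0.1:8080. */
    long uid = conn_owner_uid(SAMPLE_TABLE, 0x0100007Fu, 0xC350, 0x0100007Fu, 0x1F90);
    printf("connecting uid=%ld, allowed for owner 1000: %d\n", uid, uid == 1000);
    return 0;
}
```

A real check would read /proc/net/tcp (and /proc/net/tcp6 for IPv6) at accept time, and it applies only to peers on the same host, since a remote peer has no row of its own in the local table.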